Privacy Policy - Tree Surgeons Sevensisters
This Privacy Policy explains how Tree Surgeons Sevensisters collects, uses, stores, shares, and protects personal data. It applies to all Tree Surgeons Sevensisters customers in area, including individuals who request quotations, book services, communicate with us, or otherwise use our services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Tree Surgeons Sevensisters provides tree surgery and related services to customers in area. For the purposes of data protection law, we act as the data controller for the personal data we collect and use in connection with our services. This means we determine the purposes and means of processing your personal data.
2. What Personal Data We Collect
We only collect personal data that is necessary for our legitimate business operations, service delivery, legal obligations, and customer support. The types of information we may collect include:
- Identity information: your name and, where applicable, the name of a business or property owner.
- Contact details: postal address, email address, and telephone number.
- Service details: information about the work requested, site access, property type, tree condition, and any preferences you provide.
- Payment information: billing records, transaction details, and payment status. We do not usually store full card details where a third-party payment processor is used.
- Communication records: emails, messages, call notes, quote requests, complaint records, and service feedback.
- Technical information: limited information such as device or browser data if you interact with our digital systems, where relevant.
- Site and safety information: details needed to complete work safely, including access conditions, hazard notes, or property-specific instructions.
We do not intentionally collect special category data unless it is required for a specific legal, safety, or operational reason and we have a lawful basis to do so. If such data is ever needed, it will be processed with appropriate safeguards.
3. How We Use Your Data
We process personal data for the following purposes:
- to provide quotations, arrange visits, and carry out tree surgery services;
- to communicate with customers about bookings, service updates, and aftercare;
- to prepare invoices, process payments, and manage accounts;
- to keep internal records and maintain service history;
- to respond to enquiries, complaints, and claims;
- to meet legal, tax, insurance, and health and safety obligations;
- to improve our services and customer experience;
- to protect our business, staff, customers, and property against fraud, misuse, or unlawful activity.
We only use your data in ways that are relevant and proportionate to the service being provided.
4. Lawful Basis for Processing
Under data protection law, we must have a lawful basis for each use of personal data. Tree Surgeons Sevensisters may rely on one or more of the following lawful bases:
Contract
We process personal data where it is necessary to enter into or perform a contract with you. This includes managing quotes, booking services, completing work, issuing invoices, and handling service-related communications.
Legal Obligation
We process personal data where needed to comply with applicable legal requirements, including tax, accounting, employment, insurance, and health and safety obligations.
Legitimate Interests
We may process personal data where it is necessary for our legitimate interests and those interests do not override your rights and freedoms. This includes maintaining records, improving our services, preventing fraud, managing customer relationships, and securing our operations. Where we rely on legitimate interests, we assess the necessity and balance of the processing carefully.
Consent
In limited cases, we may ask for your consent before processing certain data. If we rely on consent, you can withdraw it at any time. Withdrawal of consent will not affect any processing carried out before the withdrawal.
5. Data Sharing and Processors
We may share personal data with trusted third parties who help us operate our business and deliver services. These third parties act as processors or independent controllers, depending on the circumstances. We only share the minimum information necessary and require appropriate safeguards.
Examples of processors and third parties may include:
- IT and cloud service providers: for secure storage, email, record management, and business systems.
- Accounting and bookkeeping providers: for invoicing, tax, and financial administration.
- Payment processors: for handling card or electronic payments securely.
- Insurance providers and advisers: where required for claims, risk management, or compliance.
- Legal and professional advisers: when needed for contractual, regulatory, or dispute-related matters.
- Subcontractors or specialist contractors: when they assist in delivering tree surgery or related services.
Where we use processors, they are required to act only on our instructions, protect your data, and comply with data protection law. We do not sell your personal data.
6. International Transfers
If any processor stores or accesses personal data outside the UK, we take steps to ensure that suitable safeguards are in place. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent protective measures, depending on the destination and service used.
7. Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods may vary depending on the type of information and the reason for processing.
Typical retention considerations include:
- Customer and service records: retained for the period needed to manage the relationship and any follow-up matters.
- Financial and tax records: kept for the length of time required by law.
- Communication records: retained as needed to evidence instructions, resolve disputes, or manage customer support.
- Health and safety or incident records: retained for as long as necessary to meet legal duties or defend potential claims.
When personal data is no longer needed, we will delete it securely, anonymise it, or otherwise dispose of it appropriately.
8. Data Security
We use reasonable technical and organisational measures to safeguard personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of our systems and processes. No system can be guaranteed to be completely secure, but we work to reduce risks as far as practicable.
9. Your Rights
Under data protection law, you have rights in relation to your personal data. These rights may include:
- The right of access: to request a copy of the personal data we hold about you.
- The right to rectification: to ask us to correct inaccurate or incomplete data.
- The right to erasure: to request deletion of your data in certain circumstances.
- The right to restrict processing: to ask us to limit how we use your data in certain situations.
- The right to data portability: to receive certain data in a structured, commonly used format where applicable.
- The right to object: to object to processing based on legitimate interests or direct marketing.
- Rights related to automated decision-making: to not be subject to decisions based solely on automated processing where applicable.
To help protect your privacy, we may need to verify your identity before responding to a request. Some rights may not apply in all situations, as legal exemptions can limit or override them.
10. Marketing Communications
If we ever send marketing communications, we will do so in accordance with applicable law. You can opt out of marketing at any time. Service-related communications, such as appointment confirmations or important updates, are not marketing and may still be sent when necessary for the provision of our services.
11. Children’s Data
Our services are generally directed to adults and property owners or authorised representatives. We do not knowingly collect children’s personal data unless it is incidentally provided in the course of service delivery and is necessary for operational, safety, or legal purposes.
12. Complaints and Supervisory Authority
If you have concerns about how we handle personal data, you should contact us using the relevant service channels available to you. You also have the right to raise a complaint with the UK Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our internal practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers in area to review this policy periodically so they remain informed about how their data is handled.
By using Tree Surgeons Sevensisters services, you acknowledge that you have read and understood this Privacy Policy.